Linoma’s Goanywhere MFT

I.WHAT IS LINOMA GONAYWHERE MFT (MANAGED FILE TRANSFER)?

GoAnywhere MFT is a managed file transfer solution for the exchange of data between systems, employees, customers and trading partners. It provides a single point of control with security settings, detailed audit trails and reports. Data transfers are secured using protocols for FTP servers (FTPS, SFTP, and SCP) and Web servers (HTTPS and AS2). It supports popular encryption protocols and offers a NIST-certified FIPS 140-2 Validated Encryption module.

GoAnywhere MFT’s interface and workflow features help to eliminate the need for custom programs/scripts, single-function tools and manual processes that were traditionally needed. This improves the quality of file transfers and helps organizations to comply with data security policies and regulations.

With integrated support for clustering, GoAnywhere MFT can process high volumes of file transfers for enterprises by load balancing processes across multiple systems. The clustering technology in GoAnywhere MFT also provides active-active automatic failover for disaster recovery.

A secure email module is also available that allows users to send messages and files as secure packages. Recipients receive an email with a unique link to each package that allows them to view or download the files via a secure HTTPS connection. There is no limit on file size or type, and each package can be subject to password protection as well as other security features.

GoAnywhere MFT™ is a managed file transfer solution which streamlines the exchange of data between your systems, employees, customers and trading partners. It provides a single point of control with extensive security settings, detailed audit trails and reports.

GoAnywhere MFT’s intuitive interface and comprehensive workflow features will help to eliminate the need for custom programs/scripts, single-function tools and manual processes that were traditionally needed. This innovative solution will reduce costs, improve the quality of your file transfers, and help your organization to comply with data security policies and regulations.

With integrated support for clustering, GoAnywhere MFT can process high volumes of file transfers for enterprises by load balancing processes across multiple systems. The clustering technology in GoAnywhere MFT also provides active-active automatic failover for disaster recovery.

Automation

·  Allows defining multi-step workflows with over 60 different tasks

·  Provides a comprehensive built-in scheduler for running workflows

·  Monitors folders with options to scan for new, changed or deleted files

·  Sends email alerts or processes files when triggered events (e.g. upload, download) occur

·  Includes commands and APIs for launching transfers from remote systems and applications

Collaboration

Intuitive browser-based web client for performing ad-hoc file transfers

·  Enterprise file sync and sharing using GoDrive

·  Secure Mail module for sending files using email notifications with HTTPS download links

·  Access files from anywhere with the mobile application

encryption and compression

Provides FIPS 140-2 compliance mode to meet U.S. Government (NIST) encryption standards

·  Encrypts, signs and decrypts files using Open PGP and GPG encryption standard

·  Automatically encrypts files (at rest) in targeted folders using AES-256 encryption

·  Compresses and decompresses files using ZIP with AES standard

·  Includes integrated Key Management tools for Open PGP keys, SSH keys and SSL/TLS certificates

 

Connectivity

·  Connects to Secure FTP servers (SFTP, FTPS, and SCP) for protected communications

·  Automates file transfers with FTP servers

·  Guarantees delivery with connection retries and file auto-resume

·  Exchanges data with web sites using HTTP/S and Web Services

·  Allows throttling bandwidth usage and monitoring file transfer throughput

·  Sends AS2 messages with support for multiple file attachments

·  Accesses files and directories on network shares using SMB/CIFS protocol

·  Interfaces with Antivirus and DLP solutions using ICAP

·  Sends and retrieves files via email and secure email

·  Calls custom programs and scripts as part of an overall workflow

·  Connects to Websphere MQ, SonicMQ and ActiveMQ for enterprise messaging

 

Inbound connections

SFTP server (with SCP support) for secure file transfers over SSH

·  FTPS server for secure FTP over SSL/TLS (Implicit SSL)

·  Standard FTP server with support for Explicit SSL

·  AS2 server for receiving EDI and other documents over secure connections

·  HTTPS server for simple Ad Hoc file transfers through a browser interface

·  DMZ gateway to keep files in the private network without opening inbound ports

·  Bandwidth throttling to limit network usage by day-of-week and time-of-day

Translation      

Connects to popular database servers including SQL Server, Oracle, MySQL, IBM i, DB2, PostgreSQL, Informix and Sybase

·  Translates data to/from Excel, XML, Delimited text and Flat File or Fixed Width file formats

·  Replicates data between database servers

·  Simplifies ETL processes with the ability to filter records, map columns and transform values

Auditing and reporting

Browser-based interface for monitoring and administration

·  Detailed audit logs for all user activity and file transfers

·  Optionally sends logs to an enterprise SYSLOG server

·  Advanced reporting to provide management and statistical details, graphs and chart

 

Security and user controls

·  Extensive security controls to meet compliance requirements including PCI DSS

·  Comprehensive user management system for trading partners, customers and employee accounts

·  Authenticate users against Active Directory (AD), LDAP, IBM i and database

·  SAML support for single sign-on (SSO)

·  Lock users into specific directories with granular permissions

·  Define virtual folders with user-friendly aliases and permissions

·  Disk quotas to limit storage space usage by each user and folder

 

II. Business affect

Banking and Finance

Banks and financial institutions understand the importance of protecting sensitive data and meeting key compliance regulations.

GoAnywhere MFT™ helps you meet your compliance obligations:

·         Protects your data in compliance with PCI DSS
·         Meets requirements for information integrity required by GLBA
·         Provides the tracking, auditing, and delivery requirements of Basel III
·         Secures integrity of private data required by Sarbanes-Oxley 404 and 409
·         Safeguards data at rest and in transit as mandated by the Dodd-Frank Act
·         Exchanges Check 21 x 937 image files with clearing partners

All financial companies must clearly outline internal procedures that define how the integrity and security of private data will be maintained at rest and in transit, as required by:

Gramm-Leach Bliley Act (GLBA)

Sarbanes-Oxley 404 and 409 (SOX)

Dodd-Frank Wall Street Reform and Consumer Protection Act

Financial institutions are bound by the Check Clearing for the 21st Century Act (or Check 21 Act) that allows banks to substitute original paper checks with a digital version. The transfer of these digital checks must be protected.

For record-keeping, Basel III requires financial organizations to provide tracking, auditing, and guaranteed delivery of transferred files with non-repudiation.

Healthcare

GoAnywhere MFT™ helps healthcare organizations and business associates secure ePHI data and simplifies data transfer operations with the following features:

·         Encrypts data using FIPS 140-2 compliant AES and Triple AES algorithms
·         Authenticates all users so only intended parties can access data
·         Proves HIPAA and HITECH compliance with audit trails and reports
·         Automates and manages file transfers via a browser-based dashboard
·         Streamlines transmission of patient histories and insurance information
·         Secures patient data transfers to HHS or the CDC
·         Protects payroll file transfers with banks
·         Coordinates patient updates with outside physicians
·         Secures medication records collection from pharmacies

Control the transfer of all sensitive files

GoAnywhere MFT’s centralized controls, support for popular transmission protocols, and ease-of-use will empower authorized users to send sensitive data with confidence.

Fully and automatically audit file movements

detailed audit logs and reporting will satisfy compliance regulations which require documentation of where ePHI data is transmitted. GoAnywhere MFT automatically records and retains logins, file transfer transactions and any encountered errors.

Reduce costs and free up resources   

automated processes and transaction alerts allow IT staff to disconnect from business processes, spending more time on other mission critical tasks and projects.

Insurance

The insurance industry must meet onerous compliance burdens, as well as needing a way to simplify and automate data exchanges with business partners.

GoAnywhere MFT™ gives insurance industry users considerable advantages:

·         Secures integrity of private data required by Sarbanes-Oxley 404 and 409
·         Safeguards data at rest and in transit as mandated by the Dodd-Frank Act
·         Meets requirements for information integrity required by GLBA
·         Proves HIPAA and HITECH healthcare compliance with audit trails and reports
·         Maintains integrity and security of files in motion for OIG, Medicare, and Medicaid
·         Automates and manages file transfers via a browser-based dashboard
·         Centralizes file transfer processes to control file access
·         Streamlines document workflows and administration
·         Safeguards inbound ports of internal networks
·         Controls intra- and inter-company access to data, especially during transfer
·         Transfers data in bulk for ETL and migrations
·         Exchanges ACH and payment reconciliation data with banks

The number of compliance regulations for insurance carriers governing data security, especially during file transfers, are onerous.

The Gramm-Leach Bliley Act (GLBA), Sarbanes-Oxley 404 and 409 (SOX), and the Dodd-Frank Wall Street Reform and Consumer Protection Act all require insurance providers to clearly outline internal procedures that define how the integrity and security of private data will be maintained at rest and in transit.

In addition, health insurance companies must address additional issues:

OIG and State Anti-Fraud, Waste and Abuse Inspections:   

Insurers for Medicare and Medicaid providers must have internally established guidelines and effective tools to maintain integrity and security of files in motion.

HIPAA and HITECH:

These daunting mandates aim to prevent data breach and its consequences while securing sensitive data as it is shared among insurance companies and healthcare providers.

Logistics

Distribution and warehouse operations rely on tracking both information and materials. Often sensitive, critical files must be securely exchanged between departments, business partners, and government agencies.

GoAnywhere MFT™ can help with these tasks in many ways:

·         Secures integrity of private data required by Sarbanes-Oxley 404 and 409
·         Creates and maintains records for 21 CFR 1.326-1.368 for food products
·         Meets FTC regulations for tax filings and inventory controls
·         Generates audit trails required to demonstrate compliance
·         Ensures the security and integrity of file transmissions
·         Automates and manages file transfers via a browser interface
·         Streamlines file transfer processes and workflows
  ·         Controls access to sensitive documents with user and group roles.

 

Regulations for distribution and supply-chain management vary depending on industry and geography, and the landscape is constantly changing. Still, chances are good you’ll be accountable for meeting these requirements:

SOX Section 404 and 409: 

Meet administrative/management self-assessment and compliance requirements to have internally established guidelines for maintaining integrity and security for file transfers.

Federal and State Business Tax Codes:

File earnings, payroll, and other tax documentation based on secure and accurate information shared through reliable data transfer software.

Federal Trade Commission Regulations:

Ensure that tax filings exchanged with relevant parties must be based on secure, reliable and confirmable information.

Protect price monitoring and inventory control data shared with the FTC during file transfers.

21 CFR Part 1.326-1.368 (Food Products):   

Establish and maintain records needed to identify an immediate bio-terrorist threat which must be easily accessible and secure if transferred.

Manufacturing

Product manufacturing frequently requires the secure exchange of data files between departments, business partners, and sometimes government entities. Wouldn’t it help if those exchanges were automated and fully tracked as well?

GoAnywhere MFT™ can assist your manufacturing operations in numerous ways:

·         Secures integrity of private data required by Sarbanes-Oxley 404 and 409
·         Creates and maintains records for 21 CFR 1.326-1.368 for food products
·         Meets FTC regulations for tax filings, inventory controls, and price monitoring
·         Generates audit trails required to demonstrate compliance
·         Maintains the security and integrity of file transmissions
·         Automates and manages file transfers through a centralized solution
·         Streamlines file transfer processes and workflows
·         Controls access to sensitive documents with user and group roles

Regulations for manufacturing vary depending on industry and geography, and the landscape is constantly changing. Still, chances are good you’ll be accountable for meeting these requirements:

  SOX Section 404: 

Meet administrative/management self-assessment and compliance requirements to have internally established guidelines for maintaining integrity and security for file transfers.

  Federal and State Business Tax Codes:

File earnings, payroll, and other tax documentation based on secure and accurate information shared through reliable data transfer software.

  Federal Trade Commission Regulations:

Ensure that tax filings exchanged with relevant parties must be based on secure, reliable and confirmable information.

Protect price monitoring and inventory control data shared with the FTC during file transfers.

  21 CFR Part 1.326-1.368 (Food Products):   

Establish and maintain records needed to identify an immediate bio-terrorist threat which must be easily accessible and secure if transferred.

Public Sector

GoAnywhere MFT™ is a secure and automated method of sharing authorized data between government agencies and their trading partners at federal, state, county, and city levels.
·         GoAnywhere MFT protects data confidentiality and simplifies transfer activities in the following ways:

·         Encrypts data using FIPS 140-2 compliant AES and Triple AES algorithms
·         Authenticates all users so only intended parties can access data
·         Proves compliance with audit trails and reports
·         Automates and manages file transfers via a browser-based dashboard
·         Centralizes file transfer processes to control file access
·         Streamlines document workflows and administration
·         Safeguards inbound ports of internal networks

Here are just a few ways that GoAnywhere MFT allows your organization to reduce costs by streamlining processes and automating workflows:

Control the transfer of all sensitive files   

Secured and audited at every step, authorized personnel can confidently send and receive sensitive data files. GoAnywhere MFT works with strong encryption standards including AES, SSL, SSH and Open PGP.

Fully and automatically audit file movements

Regulations require documentation of who has access to sensitive files, where a file has been moved, and every person that might have had access to it along the way. GoAnywhere MFT automatically records complete audit trails of all file transfer transactions and confirms successful delivery.

Reduce costs and free up staff   

Even with measures in place to securely transfer files, the time demands on IT can be significant. But with GoAnywhere MFT, the processes of sending and receiving files are fully automated so staff can focus on other tasks.

Government agencies face significant regulations and security policies when it comes to protecting sensitive data. An effective Managed File Transfer solution is critical for helping agencies meet these strict security requirements.

In addition to regulations like GLBA, SOX, HIPAA, and PCI DSS, one of the most significant standards to which federal government agencies are accountable is the Federal Information Security Management Act (FISMA). This set of requirements, enacted in 2002, mandate that every agency creates, documents, and implements a plan that ensures that the information systems and the data they contain are kept secure. This includes data that is provided or managed by third-party entities such as other government agencies, contractors and trading partners.

Retail

Escalating numbers of instances of data theft by hackers emphasizes the need for safeguarding your company’s reputation by giving your customers a safe place to use their credit cards.

GoAnywhere MFT™ helps retailers preserve the integrity of their and their customers’ data to meet compliance requirements as well as simplifying and automating data movement:

·         Protects your data in compliance with PCI DSS
·         Secures integrity of private data required by Sarbanes-Oxley 404 and 409
·         Ensures that tax filings are based on secure, reliable and confirmable information
·         Generates audit trails required to demonstrate compliance
·         Implements internal policies that conform to Non-Bank Financial Services Rule
·         Meets FTC regulations for tax filings, inventory controls, and price monitoring
·         Maintains the security and integrity of file transmissions
·         Automates and manages file transfers via a browser interface
·         Streamlines file transfer processes and workflows
·         Controls access to sensitive documents with user and group roles

Listed below are the primary mandates which retail IT departments must meet when transmitting data:

PCI DSS (Version 3.0):   

Maintain the security of credit card transactions, including those sent electronically by batch via file transfer.

SOX Section 404:

Establish and document internal guidelines describing how the integrity and security of data transfers will be maintained.

Federal and State Business Tax Codes:   

Ensure that tax filings sent by FTP must be based on secure, reliable and confirmable information.

Non-Bank Financial Services Rule (April 2012):   

As with SOX, develop and implement internal policies regarding the protection of data integrity and security when in motion.

Federal Trade Commission Regulations:   

Protect price monitoring and inventory control data shared with the FTC during file transfers.

III. Resources

Please visit our Resources section.